mirror of
https://gitee.com/bianbu-linux/linux-6.6
synced 2025-04-24 14:07:52 -04:00
75cf029027
To avoid false positives, KMSAN needs to unpoison the data copied from the userspace. To detect infoleaks - check the memory buffer passed to copy_to_user(). Link: https://lkml.kernel.org/r/20220915150417.722975-19-glider@google.com Signed-off-by: Alexander Potapenko <glider@google.com> Reviewed-by: Marco Elver <elver@google.com> Cc: Alexander Viro <viro@zeniv.linux.org.uk> Cc: Alexei Starovoitov <ast@kernel.org> Cc: Andrey Konovalov <andreyknvl@gmail.com> Cc: Andrey Konovalov <andreyknvl@google.com> Cc: Andy Lutomirski <luto@kernel.org> Cc: Arnd Bergmann <arnd@arndb.de> Cc: Borislav Petkov <bp@alien8.de> Cc: Christoph Hellwig <hch@lst.de> Cc: Christoph Lameter <cl@linux.com> Cc: David Rientjes <rientjes@google.com> Cc: Dmitry Vyukov <dvyukov@google.com> Cc: Eric Biggers <ebiggers@google.com> Cc: Eric Biggers <ebiggers@kernel.org> Cc: Eric Dumazet <edumazet@google.com> Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: Ilya Leoshkevich <iii@linux.ibm.com> Cc: Ingo Molnar <mingo@redhat.com> Cc: Jens Axboe <axboe@kernel.dk> Cc: Joonsoo Kim <iamjoonsoo.kim@lge.com> Cc: Kees Cook <keescook@chromium.org> Cc: Mark Rutland <mark.rutland@arm.com> Cc: Matthew Wilcox <willy@infradead.org> Cc: Michael S. Tsirkin <mst@redhat.com> Cc: Pekka Enberg <penberg@kernel.org> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Petr Mladek <pmladek@suse.com> Cc: Stephen Rothwell <sfr@canb.auug.org.au> Cc: Steven Rostedt <rostedt@goodmis.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: Vasily Gorbik <gor@linux.ibm.com> Cc: Vegard Nossum <vegard.nossum@oracle.com> Cc: Vlastimil Babka <vbabka@suse.cz> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
83 lines
2.4 KiB
C
83 lines
2.4 KiB
C
/* SPDX-License-Identifier: GPL-2.0 */
|
|
/*
|
|
* KMSAN checks to be used for one-off annotations in subsystems.
|
|
*
|
|
* Copyright (C) 2017-2022 Google LLC
|
|
* Author: Alexander Potapenko <glider@google.com>
|
|
*
|
|
*/
|
|
|
|
#ifndef _LINUX_KMSAN_CHECKS_H
|
|
#define _LINUX_KMSAN_CHECKS_H
|
|
|
|
#include <linux/types.h>
|
|
|
|
#ifdef CONFIG_KMSAN
|
|
|
|
/**
|
|
* kmsan_poison_memory() - Mark the memory range as uninitialized.
|
|
* @address: address to start with.
|
|
* @size: size of buffer to poison.
|
|
* @flags: GFP flags for allocations done by this function.
|
|
*
|
|
* Until other data is written to this range, KMSAN will treat it as
|
|
* uninitialized. Error reports for this memory will reference the call site of
|
|
* kmsan_poison_memory() as origin.
|
|
*/
|
|
void kmsan_poison_memory(const void *address, size_t size, gfp_t flags);
|
|
|
|
/**
|
|
* kmsan_unpoison_memory() - Mark the memory range as initialized.
|
|
* @address: address to start with.
|
|
* @size: size of buffer to unpoison.
|
|
*
|
|
* Until other data is written to this range, KMSAN will treat it as
|
|
* initialized.
|
|
*/
|
|
void kmsan_unpoison_memory(const void *address, size_t size);
|
|
|
|
/**
|
|
* kmsan_check_memory() - Check the memory range for being initialized.
|
|
* @address: address to start with.
|
|
* @size: size of buffer to check.
|
|
*
|
|
* If any piece of the given range is marked as uninitialized, KMSAN will report
|
|
* an error.
|
|
*/
|
|
void kmsan_check_memory(const void *address, size_t size);
|
|
|
|
/**
|
|
* kmsan_copy_to_user() - Notify KMSAN about a data transfer to userspace.
|
|
* @to: destination address in the userspace.
|
|
* @from: source address in the kernel.
|
|
* @to_copy: number of bytes to copy.
|
|
* @left: number of bytes not copied.
|
|
*
|
|
* If this is a real userspace data transfer, KMSAN checks the bytes that were
|
|
* actually copied to ensure there was no information leak. If @to belongs to
|
|
* the kernel space (which is possible for compat syscalls), KMSAN just copies
|
|
* the metadata.
|
|
*/
|
|
void kmsan_copy_to_user(void __user *to, const void *from, size_t to_copy,
|
|
size_t left);
|
|
|
|
#else
|
|
|
|
static inline void kmsan_poison_memory(const void *address, size_t size,
|
|
gfp_t flags)
|
|
{
|
|
}
|
|
static inline void kmsan_unpoison_memory(const void *address, size_t size)
|
|
{
|
|
}
|
|
static inline void kmsan_check_memory(const void *address, size_t size)
|
|
{
|
|
}
|
|
static inline void kmsan_copy_to_user(void __user *to, const void *from,
|
|
size_t to_copy, size_t left)
|
|
{
|
|
}
|
|
|
|
#endif
|
|
|
|
#endif /* _LINUX_KMSAN_CHECKS_H */
|